CVE-2013-6469

JBoss Overlord Run Time Governance 1.0 - Authenticated Remote Code Execution via MVFLEX Expression Language Injection

Title source: llm
STIX 2.1

Description

JBoss Overlord Run Time Governance (RTGov) 1.0 for JBossAS allows remote authenticated users to execute arbitrary Java code via an MVFLEX Expression Language (MVEL) expression. NOTE: some of these details are obtained from third party information.

References (2)

Core 2
Core References
Issue Tracking x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1051279
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/57843

Scores

EPSS 0.0164
EPSS Percentile 73.4%

Details

CWE
CWE-94
Status published
Products (2)
redhat/jboss_fuse_service_works 6.0
redhat/jboss_overlord_run_time_governance 1.0
Published Apr 22, 2014
Tracked Since Feb 18, 2026